$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/238BFF104128FBEC185234C7879355DB8B0D84D2.cer File: 238BFF104128FBEC185234C7879355DB8B0D84D2.cer (raw, json) Hash identifier: TuFFWjVudCNJJoFJXMvHe4ScJPOpAFo/ZyWXVa5MMDc= Subject key identifier: 23:8B:FF:10:41:28:FB:EC:18:52:34:C7:87:93:55:DB:8B:0D:84:D2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6ED7ECC0B6C58ACC8201A578E13F223D2CE8E768 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1f286f0c-0fcd-439c-8dfe-8065c9178901/0/238BFF104128FBEC185234C7879355DB8B0D84D2.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1f286f0c-0fcd-439c-8dfe-8065c9178901/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:59:58 +0000 Certificate not after: Sun 02 May 2027 00:04:58 +0000 Subordinate resources: IP: 180.131.130.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:d7:ec:c0:b6:c5:8a:cc:82:01:a5:78:e1:3f:22:3d:2c:e8:e7:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:59:58 2026 GMT Not After : May 2 00:04:58 2027 GMT Subject: CN=238BFF104128FBEC185234C7879355DB8B0D84D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:27:5f:d4:a0:e7:2c:cb:71:4a:1c:6c:42:8c: b5:87:7c:b1:5c:e6:7c:d8:b6:38:fe:09:60:a1:16: c1:d8:b6:d1:50:fb:b3:4a:26:22:aa:3d:9b:f8:d1: 42:f5:55:54:ac:f6:e0:10:13:76:50:ac:1a:69:41: 34:3e:3a:18:a5:dc:0c:94:2c:e3:45:21:27:3d:52: 71:23:e7:f7:45:4a:9a:cb:bd:1d:d0:84:92:e8:15: b4:ac:b7:2d:13:46:68:a9:e0:e5:b6:75:30:c4:c9: 3f:1a:9d:d0:c1:9a:43:75:be:32:45:25:c7:e4:cf: 36:73:46:71:9c:c9:b0:df:99:0f:c6:1f:64:50:ee: a9:d7:68:b5:b9:e2:26:51:5b:dd:de:94:47:a1:8d: bf:18:a1:1a:28:19:e8:97:f3:ec:6b:2b:50:30:d6: 63:f9:50:52:ad:55:c8:3f:62:13:64:c1:ee:3f:ca: e4:8f:c1:aa:8a:8b:09:d0:5e:65:41:f2:4b:4f:20: c6:17:1c:f2:f5:7e:4c:19:37:9d:bc:15:e7:7e:64: e1:a5:8d:00:cf:c3:41:55:93:d6:56:88:e6:b1:5d: 97:3f:06:5f:34:9d:e5:f9:87:81:b1:97:7d:9c:1a: a2:2d:e3:4b:ce:27:1f:71:78:37:74:e4:d7:72:bc: 22:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 23:8B:FF:10:41:28:FB:EC:18:52:34:C7:87:93:55:DB:8B:0D:84:D2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1f286f0c-0fcd-439c-8dfe-8065c9178901/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1f286f0c-0fcd-439c-8dfe-8065c9178901/0/238BFF104128FBEC185234C7879355DB8B0D84D2.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.131.130.0/24 Signature Algorithm: sha256WithRSAEncryption 68:b2:d4:69:0c:e4:a1:9a:e2:b1:91:0c:0e:61:e9:b7:0a:23: 5d:5d:a6:18:98:ad:00:82:d3:98:fa:15:a9:c5:48:43:8b:3e: b7:42:bb:6d:b3:9f:f8:89:89:5c:85:4c:97:89:ae:85:a4:56: a4:3e:94:23:55:89:e9:49:a2:52:c8:d5:a0:94:ab:45:7c:1c: 07:2d:fc:e7:d5:d9:30:39:3c:20:be:dc:ce:4f:15:1e:a1:54: 58:3d:db:04:0a:f0:b7:71:64:7f:5d:dd:56:61:83:23:a1:bf: 53:7d:6b:82:e6:7a:2e:9c:01:cb:3d:cb:8a:05:9d:e5:e6:c0: d7:e7:e0:eb:0c:08:97:1c:5a:56:b9:5a:a9:f8:9c:f9:7a:fd: ff:59:4f:60:1a:2d:c3:63:9c:a6:cd:1d:8b:b9:70:dd:37:f7: 33:13:ab:d5:67:d6:56:16:56:2d:b8:62:e9:41:8b:51:d3:b5: 6a:57:da:6e:60:00:68:34:5e:f0:35:dc:1e:94:b1:1d:fa:1c: 84:85:c4:cf:2d:55:fa:d5:e0:6e:fb:58:4c:e7:3b:dc:bd:49: e7:89:15:46:3c:c4:05:bd:b9:bf:55:15:8f:be:1a:c8:77:73: 71:44:24:ac:9d:a0:3c:18:e1:7d:42:9f:00:43:13:a6:51:57: 96:1e:bd:5d -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUbtfswLbFisyCAaV44T8iPSzo52gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTk1OFoX DTI3MDUwMjAwMDQ1OFowMzExMC8GA1UEAxMoMjM4QkZGMTA0MTI4RkJFQzE4NTIz NEM3ODc5MzU1REI4QjBEODREMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4nX9Sg5yzLcUocbEKMtYd8sVzmfNi2OP4JYKEWwdi20VD7s0omIqo9m/jR QvVVVKz24BATdlCsGmlBND46GKXcDJQs40UhJz1ScSPn90VKmsu9HdCEkugVtKy3 LRNGaKng5bZ1MMTJPxqd0MGaQ3W+MkUlx+TPNnNGcZzJsN+ZD8YfZFDuqddotbni JlFb3d6UR6GNvxihGigZ6Jfz7GsrUDDWY/lQUq1VyD9iE2TB7j/K5I/BqoqLCdBe ZUHyS08gxhcc8vV+TBk3nbwV535k4aWNAM/DQVWT1laI5rFdlz8GXzSd5fmHgbGX fZwaoi3jS84nH3F4N3Tk13K8IgECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCOL/xBBKPvsGFI0x4eTVduLDYTSMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzFmMjg2ZjBjLTBmY2QtNDM5Yy04ZGZlLTgwNjVjOTE3ODkwMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xZjI4NmYw Yy0wZmNkLTQzOWMtOGRmZS04MDY1YzkxNzg5MDEvMC8yMzhCRkYxMDQxMjhGQkVD MTg1MjM0Qzc4NzkzNTVEQjhCMEQ4NEQyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAtIOCMA0GCSqGSIb3DQEBCwUAA4IBAQBostRpDOShmuKxkQwOYem3CiNdXaYY mK0AgtOY+hWpxUhDiz63Qrtts5/4iYlchUyXia6FpFakPpQjVYnpSaJSyNWglKtF fBwHLfzn1dkwOTwgvtzOTxUeoVRYPdsECvC3cWR/Xd1WYYMjob9TfWuC5nounAHL PcuKBZ3l5sDX5+DrDAiXHFpWuVqp+Jz5ev3/WU9gGi3DY5ymzR2LuXDdN/czE6vV Z9ZWFlYtuGLpQYtR07VqV9puYABoNF7wNdwelLEd+hyEhcTPLVX61eBu+1hM5zvc vUnniRVGPMQFvbm/VRWPvhrId3NxRCSsnaA8GOF9Qp8AQxOmUVeWHr1d -----END CERTIFICATE-----Generated at Tue May 12 22:32:50 2026 by rpki-client